﻿using wojilu.Net;
using wojilu.Web.Mvc;

namespace wojilu.Web.Controller.Admin
{
    public class SecurityController : ControllerBase
    {
        public override void CheckPermission()
        {
            if (ctx.viewer.IsLogin == false || ctx.web.UserIsLogin == false)
            {
                var url = ctx.url.EncodeUrl;
                if (url.IndexOf("index.aspx") == -1)
                {
                    echoRedirect(lang("exPlsLogin"), t2(new AdminController().Login));
                }
                else
                {
                    echoRedirect(lang("exPlsLogin"), t2(new AdminController().Login) + "?returnUrl=" + url);
                }
                return;
            }

            if (config.Instance.Site.BannedIp.Length > 0)
            {
                if (IpUtil.IsAllowedIp(ctx.Ip, config.Instance.Site.BannedIp) == false)
                {
                    echo(config.Instance.Site.BannedIpInfo);
                    return;
                }
            }
        }

    }
}
